markomedia - web development

I’ve been using Charles HTTTP Proxy for bandwidth throttling and network monitoring in general. It’s a great little tool, but when it comes to bandwidth throttling, it will only throttle HTTP and HTTPS traffic on ports 80 and 443 respectively.

I thought there had to be a way to throttle bandwidth on any port using the native IP firewall and traffic shaper program. After reading up the documentation for ipfw, I figured out a way to throttle speed on any outgoing port.

For example, the following example will create a pipe that will allow 25Kb/s to go through port 1935.

sudo ipfw pipe 1 config bw 25KByte/s
sudo ipfw add 1 pipe 1 src-port 1935

To disable throttling, simply delete the throttling rule:

sudo ipfw delete 1

Marko

At Learnosity I’ve spent last 2 days scripting virtual server deployment on Amazon cloud. For my reference, these are some useful commands I had to use to get the job done.
1. Hash “Hello World” string using SHA256 algorithm

echo -n "Hello World" | shasum -a 256

You can also hash a file

shasum -a 256 myfile.ext

2. Display server IP address by stripping out all other network information, including the local 127.0.0.1 IP

ifconfig  | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'

3. Read out first 64 characters from a long string

${mystring:0:64}

4. While loop with 10 iterations

i=0;
while [ $i -lt 10 ]
do
    echo $i
    i=$[$i+1]
done

5. Replace contents of a file. For example search for string1, replace with string2 in myfile.txt

sed -e "s/string1/string2/g" myfile.txt > myfile.txt_temp
mv myfile.txt_temp myfile.txt

6. Display number of CPU processors on Linux
The command simply pulls out all instances of the word ‘processor’ from /proc/cpuinfo and returns the word count of it.

cat /proc/cpuinfo | grep processor | wc -l

Marko

I recently changed my ISP from Optus to TPG and when I tried to start my local apache instance and I got this error

httpd: apr_sockaddr_info_get() failed for 192-168-1-107.tpgi.com.au
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

That gave me a hint that my local hostname had changed. I reset it back to what it was originally like this:

sudo hostname myoldhostname.local

Restarted apache and it was smooth sailing again.

Marko

I’ve recently been working on text file decryption using Railo server. My files were encrypted in ActionScript 3 with the powerful AES-128 algorithm. For more info on AS3 encryption see Hurlant Crypto demo.

My challenge was to decypt this heavily encrypted content on a different platform, i.e. Railo with underlying Java Cipher capabilities.

The 6 things I knew about the encrypted content were:
1. Encryption Method – AES
2. Mode – CBC (Cipher-block chaining)
3. Padding – PKCS5
4. Initialisation Vector (IV) – given hex string
5. Passphrase – given hex string
6. Encrypted text file saved in base64 encoded string.

For my records, this is how I went about decrypting on Railo:

<cfscript>
// Create some java objects
IvParameterSpec = createObject("java", "javax.crypto.spec.IvParameterSpec");
Cipher = createObject("java", "javax.crypto.Cipher");
SecretKeySpec = createObject("java", "javax.crypto.spec.SecretKeySpec");
BASE64Decoder = createObject("java", "sun.misc.BASE64Decoder");
Str = createObject("java", "java.lang.String");
MessageDigest = createObject("java", "java.security.MessageDigest");
 
encryptedFileContent = "base64encodedcontent";
password = binarydecode("somehexpassphrase", "hex");
iv = binarydecode("somehexivstring", "hex");
 
skeySpec = SecretKeySpec.init(password, "AES");
ivSpec = IvParameterSpec.init(iv);
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
 
encryptedContent = BASE64Decoder.decodeBuffer(encryptedFileContent);
cipher.init(Cipher.DECRYPT_MODE,skeySpec,ivSpec);
decryptedBytes = cipher.doFinal(encryptedContent);
decryptedString = Str.init(decryptedBytes);
</cfscript>

Now that we know how the decryption works, encrypting data on Railo should be a piece of cake. For example:

<cfscript>
password = "somepassphrase";
stringToEncrypt = "stringToEncrypt";
md = MessageDigest.getInstance("MD5");
md.update(password.getBytes("UTF-8"), 0, password.length());
rawKey = md.digest();
 
skeySpec = SecretKeySpec.init(rawKey, "AES");
ivSpec = IvParameterSpec.init(rawKey);
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, ivSpec);
 
encryptedbytes = cipher.doFinal(stringToEncrypt.getBytes());
</cfscript>

The only thing you need to be aware of is the format of parameters passed into encryption/decryption logic, and convert them appropriately. These parameters can be either plain, base64 or hex strings.

Who would’ve thought that reverse engineering could be som much fun

Cheers
Marko

I’ve had to reinstall apache server on my Mac and the only way to do it cleanly was to nuke my existing apache installation and compile a fresh one from source.

That’s all cool, but I could never remember what modules I needed and how to enable them.  If you don’t load any modules at compile time, this is the most likely error you’ll get when you start apache web server:

Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration

So the following steps worked well for me.

1. Download Apache 2.2 source code

2. Extract the source code and configure apache with required modules. These modules are the ones I normally need. You can customise this to your needs:

./configure  --prefix=/usr/local/apache2 \
--enable-mods-shared=all \
--enable-shared \
--enable-deflate \
--enable-proxy \
--enable-proxy-http \
--enable-ssl \
--enable-cgi \
--enable-cgid \
--enable-cache
 
make \
 
make install \

Check /usr/local/apache2/modules directory and make sure required modules have been installed.

Marko

The first of multiple files that make up a split archive created with WinZip; uses the same compression as a standard .ZIP file, but must be decompressed along with the related split archives (.Z02, .Z03, etc.).

Split archives are often used to shrink the size of large files for e-mail attachments or file downloads. They can only be decompressed if all the split archive segments are available.

To decompress a series of z01, z02… files you need to do the following

1) Change all .z01, .z02 extensions to .001, .002 and so on.
2) The last extension in compressed series will have a .zip extension. If you have 8 segments, change .zip to .008.
3) Join all segments using “MacHacha”
4) Change the extension of the file produced by MacHacha to .zip
5) Use “The Unarchiver” to decompress the .zip file produced by MacHacha.

References:
http://www.fileinfo.com/extension/z01

I tried uploading a large file from Flash to php back end and got the following error:

PHP Warning: POST Content-Length of 18348279 bytes exceeds the limit of 8388608 bytes

It’s self explanatory, my PHP installation by default only allows up to 8MB of data to be uploaded to the server. To solve this you need to change the following 2 variables in php.ini file:
post_max_size = 8M
and
upload_max_filesize = 2M

Marko

I had a go at loading some assets from Amazon S3 with AS3 bulk loader and ran into trouble. Generally I specify loader context when I load files from external source, but I thought Bulk Loader handled it all internally.  After browsing the source code I found out that you can pass the LoaderContext into each loading item.

You can specify LoaderContext for each BulkLoader item like so:

var context:LoaderContext = new LoaderContext(true, ApplicationDomain.currentDomain);
var loader:BulkLoader = new BulkLoader("myBulkLoaderInstance");
loader.add( amazonS3Domain, { context: context  } );

Thanks to Trevor Hartman for this snippet.

Also “Using Amazon S3 with Adobe Flash and Microsoft Silverlight” article has some useful tips on this topic as well as crossdomain policy files.

I haven’t tried using this technique to load files from other APIs such as Facebook, so I’d imagine you’d have to follow the same approach.

Marko

I just wrote a little mysql snippet that will replace all instances of ‘domain1′ to ‘domain2′ in a given table and column. So why not share it.  All you need to do is set the variable values in first 4 lines of code below:

SET @tblname = "tablename";
SET @colname = "columnname";
SET @lookfor = "'domain1'";
SET @replacewith = "'domain2'";
 
SET @qry = CONCAT('UPDATE ',@tblname, ' SET ', @colname, ' = REPLACE(' ,@colname, ',', @lookfor, ',',@replacewith,')');
PREPARE QUERY FROM @qry;
EXECUTE QUERY;

Obviously, you can use this technique to construct any MySQL query.

Cheers
Marko

This week I had to unzip some files using ColdFusion 7 (I know it’s ancient technology) and I realised that CF7 doesn’t natively support zipping/unzipping of files!  Fortunately, ColdFusion can utilise the underlying power of Java to achieve this.  I found this neat Java article – Unzipping Files with java.util.zip.ZipFile and simply translated it into ColdFusion 7.

Here is the ColdFusion version that works well on CFMX7:

<cfparam name="dest" default="/path_to_extract/">
 
<cffunction name="getByteArray" access="private" returnType="binary" output="no">
	<cfargument name="size" type="numeric" required="true"/>
	<cfset var emptyByteArray =
	createObject("java", "java.io.ByteArrayOutputStream").init().toByteArray()/>
	<cfset var byteClass = emptyByteArray.getClass().getComponentType()/>
	<cfset var byteArray =
	createObject("java","java.lang.reflect.Array").newInstance(byteClass, arguments.size)/>
 
	<cfreturn byteArray />
</cffunction>
 
<cfscript>
	if(structKeyExists(form,"myFile") and len(form.myFile)) {
		content = ArrayNew(1);
		FileOutputStream = createObject('java',"java.io.FileOutputStream");
		BufferedOutputStream = createObject('java',"java.io.BufferedOutputStream");
		ZipFile = createObject('java',"java.util.zip.ZipFile");
		ioFile = createObject('java',"java.io.File");
		Byte = createObject('java',"java.lang.Byte");
 
		buffer = getByteArray(1024);
		length = 0;
 
		zipFileName = form.myFile;
 
		zFile = ZipFile.init(zipFileName);
		entries = zFile.entries();
 
		while(entries.hasMoreElements()) {
			entry = entries.nextElement();
 
			if(entry.isDirectory()) {
				// Assume directories are stored parents first then children.
				ioFile.init(dest & entry.getName()).mkdir();
				continue;
			}
			in = zipFile.getInputStream(entry);
			out = BufferedOutputStream.init(FileOutputStream.init(dest & entry.getName()));
 
			length = in.read(buffer);
			while(length gte 0) {
				 out.write(buffer, 0, length);
				 length = in.read(buffer);
			}
 
			in.close();
			out.close();
		}
 
		zFile.close();
 
		//loop tghrough content array and decrypt
	}
</cfscript>
 
<form name="myForm" method="POST" action="zip.cfm" enctype="multipart/form-data">
	<input type="file" name="myfile" />
	<input type="submit" name="submit" value="Upload" />
</form>

Cheers
Marko